StorageGateway_1_3_0
StorageGateway_1_3_0 Document
A storage gateway provides the access policies for the endpoint’s connected storage systems. It is a named interface by which authorized users can create and manage collections on the connected storage system. A single storage system may be associated with multiple storage gateways, each with its own policies.
Storage gateway policies describe what type connector the storage gateway uses, the paths it allows access to, the login requirements are for the storage gateway, and the algorithm to map Globus identities to the user namespace of the storage gateway (e.g. local accounts).
Version 1.1.0 includes support for multi-factor authentication requirements for high assurance storage gateways.
Version 1.2.0 includes support for admin managed credentials.
Version 1.3.0 includes support for overriding the endpoint’s network use parameters on a storage gateway.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
admin_managed_credentials |
boolean |
Flag indicating if the storage_gateway allows endpoint administrators to manage user credentials on behalf of other users. |
allowed_domains |
array of string |
List of allowed domains. Users creating credentials or collections on this storage gateway must have an identity in one of these domains. |
authentication_assurance_timeout (deprecated) |
integer |
Alias for authentication_timeout_mins[Private] |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated to access files or create user credentials on this storage gateway. For a high assurance storage gateway, this must be done within the current Globus Auth session, otherwise, the caller can perform the authentication with any application which uses Globus Auth. |
connector_id |
string <uuid> |
Id of the connector type that this storage gateway interacts with. |
deleted |
boolean |
Flag indicating that this storage gateway has been deleted[Private] |
display_name |
string |
Name of the storage gateway |
high_assurance |
boolean |
Flag indicating if the storage_gateway requires high assurance features. |
id |
string <uuid> |
Unique id for this storage gateway |
identity_mappings |
array ( IdentityMapping ) |
List of identity mappings to apply to user identities to determine what connector-specific accounts are available for access. [Private] |
load_dsi_module |
string |
Name of the DSI module to load by the GridFTP server when accessing this storage gateway. [Private] |
max_concurrency |
integer |
Admin-specified value when the network_use property’s value is
|
max_parallelism |
integer |
Admin-specified value when the network_use property’s value is
|
network_use |
string |
Control how Globus interacts with this endpoint over the network. Allowed values for network_use are:
|
policies |
S3StoragePolicies_1_0_0 or S3StoragePolicies_1_1_0 or S3StoragePolicies_1_2_0 or AzureBlobStoragePolicies_1_0_0 or AzureBlobStoragePolicies_1_1_0 or BlackPearlStoragePolicies_1_0_0 or BoxStorage_1_0_0 or BoxStorage_1_1_0 or BoxStorage_1_2_0 or CephStoragePolicies_1_0_0 or DropboxStoragePolicies_1_0_0 or GoogleCloudStoragePolicies_1_0_0 or GoogleCloudStoragePolicies_1_1_0 or GoogleDriveStoragePolicies_1_0_0 or GoogleDriveStoragePolicies_1_1_0 or HPSSStoragePolicies_1_0_0 or HPSSStoragePolicies_1_1_0 or IrodsStoragePolicies_1_0_0 or OneDriveStoragePolicies_1_0_0 or OneDriveStoragePolicies_1_1_0 or PosixStoragePolicies_1_0_0 or PosixStagingStoragePolicies_1_0_0 |
Connector-specific storage policies |
preferred_concurrency |
integer |
Admin-specified value when the network_use property’s value is
|
preferred_parallelism |
integer |
Admin-specified value when the network_use property’s value is
|
process_user |
string |
Local POSIX user the GridFTP server should run as when accessing this storage gateway. [Private] |
require_high_assurance (deprecated) |
boolean |
Alias for high_assurance |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only usable on high assurance storage gateways. |
restrict_paths |
null or PathRestrictions |
Path restrictions within this storage gateway. Paths are interpreted as absolute paths in the file namespace of the connector. [Private] |
users_allow |
array of string |
List of connector-specific usernames allowed to access this storage gateway. [Private] |
users_deny |
array of string |
List of connector-specific usernames denied access to this storage gateway. [Private] |
{
"DATA_TYPE": "storage_gateway#1.3.0",
"admin_managed_credentials": false,
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"process_user": "string",
"require_high_assurance": true,
"require_mfa": false,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}